The data controller for your personal data is the entity operating the website sales.easygate.pt. For any questions regarding the processing of your data, please contact us at info@sales.easygate.pt.
This Privacy Policy applies to all personal data collected and processed through sales.easygate.pt, including the digital products store, the contact/support form and all associated services.
The processing of your personal data is carried out in accordance with:
| Data | Purpose | Legal basis (GDPR) |
|---|---|---|
| Full name | Buyer identification; personalisation of confirmation email | Art. 6(1)(b) — performance of contract |
| Email address | Sending the product download link; order-related communications | Art. 6(1)(b) — performance of contract |
| Company (optional) | Tax identification; invoicing | Art. 6(1)(b) and (c) — contract and legal obligation |
| Address, postcode, city | Compliance with VAT obligations; invoicing | Art. 6(1)(c) — legal obligation (tax) |
| Country | Determination of applicable VAT rate (Directive 2006/112/EC and OSS) | Art. 6(1)(c) — legal obligation (tax) |
| VAT number (optional) | VIES verification for B2B reverse charge; tax evidence | Art. 6(1)(c) — legal obligation (tax) |
| IP address | Geolocation evidence for customer country determination (Reg. EU 1042/2013); fraud prevention | Art. 6(1)(f) — legitimate interest |
| Locale/language | Personalisation of communications; audit trail | Art. 6(1)(b) — performance of contract |
| PayPal transaction IDs | Payment verification and records; refund management | Art. 6(1)(b) and (c) — contract and legal obligation |
| Data | Purpose | Legal basis (GDPR) |
|---|---|---|
| Name, email address | Identification and response to enquiry | Art. 6(1)(a) — consent (voluntary submission) |
| Subject and message | Provision of customer support service | Art. 6(1)(a) — consent |
| Attachment (support form) | Diagnosis and resolution of reported issues | Art. 6(1)(a) — consent |
| IP address | Security and abuse prevention | Art. 6(1)(f) — legitimate interest |
To comply with Regulation (EU) No. 1042/2013 (Art. 24a of Reg. 282/2011), which requires at least two non-contradictory pieces of evidence of the customer's country for digital services supplied to EU consumers, we retain:
We use only strictly necessary and functional cookies. For detailed information on the cookies used, their purposes and duration, please see our Cookie Policy.
When you make a purchase, the data required for payment processing is transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., headquartered in Luxembourg. PayPal acts as an independent data controller for payment data. See the PayPal Privacy Policy.
Confirmation and notification emails are sent via an SMTP provider, which acts as a data processor and only processes data for the purpose of email delivery.
When you provide a VAT number, it is transmitted to the European Commission's VIES API for verification. The Commission is not a data processor under the GDPR; this is a consultation of a public European service. The result is retained for tax audit purposes.
We do not sell, rent or share your personal data with third parties for commercial or advertising purposes.
Your data is processed and stored on servers located within the European Economic Area (EEA). PayPal may transfer data to the United States of America under appropriate safeguards pursuant to Art. 46 GDPR (standard contractual clauses and/or adequacy decision).
| Data category | Period | Basis |
|---|---|---|
| Order and transaction data (including tax data) | 10 years | Tax obligation (VAT Code; Reg. EU 1042/2013) |
| VAT fiscal evidence | 10 years | Art. 52 of Directive 2006/112/EC |
| Contact and support messages | 2 years | Legitimate interest (complaints management) |
| Access logs (IP addresses) | 1 year | Legitimate interest (security) |
| Email dispatch logs | 1 year | Legitimate interest (diagnostics) |
Under the GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at info@sales.easygate.pt with adequate identification. We will respond within 30 days.
The competent supervisory authority in Portugal is the Comissão Nacional de Protecção de Dados (CNPD):
We implement appropriate technical and organisational measures to protect your personal data, including HTTPS/TLS encryption, cryptographically secure unique download tokens, restricted admin access with password authentication, IP-based rate limiting against brute force attacks, and web-accessible file directory protection.
We may update this Privacy Policy as necessary. The updated version will be available on this website with a revised “last updated” date. We recommend checking this page periodically.